The 47-Day Certificate Ultimatum: How Browsers Broke the CA Cartel
For twenty years, Certificate Authorities ran the perfect protection racket.
Nice website you got there. Shame if it was “Not Secure.” That’ll be $300 a year.
The CAs had a beautiful monopoly. Browsers needed them to keep users safe. Websites needed them to look legitimate. Everyone paid up, nobody asked too many questions. Then the cryptography of most certificates (SHA-1) got shattered, and the browsers realized they’d been played.
This is the story of how certificate lifetimes went from 3 years to 47 days, why the CAs fought every second of it, and what it means for your certificates.
Don't miss what's next. Subscribe to Odds & Todds: